From 2af71f31b45b8568c18a8833a20529ba3c835768 Mon Sep 17 00:00:00 2001
From: Bogdan Dobrelya <bdobrelia@mirantis.com>
Date: Tue, 2 Aug 2016 10:55:42 +0200
Subject: [PATCH] Rework systemd service units
* Add for docker system units:
ExecReload=/bin/kill -s HUP $MAINPID
Delegate=yes
KillMode=process.
* Add missed DOCKER_OPTIONS for calico/weave docker systemd unit.
* Change Requires= to a less strict and non-faily Wants=, add missing
Wants= for After=.
* Align wants/after in a wat if Wants=foo, After= has foo as well.
* Make wants/after docker.service to ask for the docker.socket as well.
* Move "docker rm -f" commands from ExecStartPre= to ExecStopPost=.
hooks to ensure non-destructive start attempts issued by Wants=.
Signed-off-by: Bogdan Dobrelya <bdobrelia@mirantis.com>
---
roles/etcd/templates/etcd-docker.service.j2 | 6 +++---
roles/etcd/templates/etcd-proxy-docker.service.j2 | 6 +++---
roles/kubernetes/node/templates/kubelet.service.j2 | 8 +++++---
.../calico/templates/calico-node.service.j2 | 4 ++--
.../calico/templates/systemd-docker.service | 7 +++++--
.../flannel/templates/systemd-docker.service | 10 +++++++---
.../weave/templates/systemd-docker.service | 8 ++++++--
roles/network_plugin/weave/templates/weave.service.j2 | 4 ++--
.../weave/templates/weaveexpose.service.j2 | 6 ++----
.../weave/templates/weaveproxy.service.j2 | 4 ++--
10 files changed, 37 insertions(+), 26 deletions(-)
diff --git a/roles/etcd/templates/etcd-docker.service.j2 b/roles/etcd/templates/etcd-docker.service.j2
index a37759fec..4b6cec5c9 100644
--- a/roles/etcd/templates/etcd-docker.service.j2
+++ b/roles/etcd/templates/etcd-docker.service.j2
@@ -1,7 +1,7 @@
[Unit]
Description=etcd docker wrapper
-Wants=docker.socket
-After=docker.service
+Wants=docker.service docker.socket
+After=docker.service docker.socket
[Service]
User=root
@@ -18,7 +18,7 @@ ExecStart={{ docker_bin_dir | default("/usr/bin") }}/docker run --restart=always
{% if etcd_after_v3 %}
{{ etcd_container_bin_dir }}etcd
{% endif %}
-ExecStartPre=-{{ docker_bin_dir | default("/usr/bin") }}/docker rm -f {{ etcd_member_name | default("etcd-proxy") }}
+ExecStopPost=-{{ docker_bin_dir | default("/usr/bin") }}/docker rm -f {{ etcd_member_name | default("etcd-proxy") }}
ExecReload={{ docker_bin_dir | default("/usr/bin") }}/docker restart {{ etcd_member_name | default("etcd-proxy") }}
ExecStop={{ docker_bin_dir | default("/usr/bin") }}/docker stop {{ etcd_member_name | default("etcd-proxy") }}
Restart=always
diff --git a/roles/etcd/templates/etcd-proxy-docker.service.j2 b/roles/etcd/templates/etcd-proxy-docker.service.j2
index bf70f0e7f..939e6fd35 100644
--- a/roles/etcd/templates/etcd-proxy-docker.service.j2
+++ b/roles/etcd/templates/etcd-proxy-docker.service.j2
@@ -1,7 +1,7 @@
[Unit]
Description=etcd-proxy docker wrapper
-Wants=docker.socket
-After=docker.service
+Wants=docker.service docker.socket
+After=docker.service docker.socket
[Service]
User=root
@@ -18,7 +18,7 @@ ExecStart={{ docker_bin_dir | default("/usr/bin") }}/docker run --restart=always
{% if etcd_after_v3 %}
{{ etcd_container_bin_dir }}etcd
{% endif %}
-ExecStartPre=-{{ docker_bin_dir | default("/usr/bin") }}/docker rm -f {{ etcd_proxy_member_name | default("etcd-proxy") }}
+ExecStopPost=-{{ docker_bin_dir | default("/usr/bin") }}/docker rm -f {{ etcd_proxy_member_name | default("etcd-proxy") }}
ExecReload={{ docker_bin_dir | default("/usr/bin") }}/docker restart {{ etcd_proxy_member_name | default("etcd-proxy") }}
ExecStop={{ docker_bin_dir | default("/usr/bin") }}/docker stop {{ etcd_proxy_member_name | default("etcd-proxy") }}
Restart=always
diff --git a/roles/kubernetes/node/templates/kubelet.service.j2 b/roles/kubernetes/node/templates/kubelet.service.j2
index acad42e1f..e92f71d51 100644
--- a/roles/kubernetes/node/templates/kubelet.service.j2
+++ b/roles/kubernetes/node/templates/kubelet.service.j2
@@ -2,9 +2,11 @@
Description=Kubernetes Kubelet Server
Documentation=https://github.com/GoogleCloudPlatform/kubernetes
{% if kube_network_plugin is defined and kube_network_plugin == "calico" %}
-After=docker.service calico-node.service
+After=docker.service docker.socket calico-node.service
+Wants=docker.service docker.socket calico-node.service
{% else %}
-After=docker.service
+After=docker.service docker.socket
+Wants=docker.service docker.socket
{% endif %}
[Service]
@@ -22,7 +24,7 @@ ExecStart={{ bin_dir }}/kubelet \
$KUBELET_REGISTER_NODE \
$KUBELET_NETWORK_PLUGIN \
$KUBELET_CLOUDPROVIDER
-ExecStartPre=-/usr/bin/docker rm -f kubelet
+ExecStopPost=-/usr/bin/docker rm -f kubelet
ExecReload=/usr/bin/docker restart kubelet
Restart=always
RestartSec=10s
diff --git a/roles/network_plugin/calico/templates/calico-node.service.j2 b/roles/network_plugin/calico/templates/calico-node.service.j2
index 115da35ae..152ecce64 100644
--- a/roles/network_plugin/calico/templates/calico-node.service.j2
+++ b/roles/network_plugin/calico/templates/calico-node.service.j2
@@ -1,8 +1,8 @@
[Unit]
Description=Calico per-node agent
Documentation=https://github.com/projectcalico/calico-docker
-After=docker.service etcd-proxy.service
-Wants=docker.socket
+After=docker.service docker.socket etcd-proxy.service
+Wants=docker.service docker.socket etcd-proxy.service
[Service]
User=root
diff --git a/roles/network_plugin/calico/templates/systemd-docker.service b/roles/network_plugin/calico/templates/systemd-docker.service
index 01383d772..d20a2fbe0 100644
--- a/roles/network_plugin/calico/templates/systemd-docker.service
+++ b/roles/network_plugin/calico/templates/systemd-docker.service
@@ -2,11 +2,11 @@
Description=Docker Application Container Engine
Documentation=http://docs.docker.com
{% if ansible_os_family == "RedHat" %}
-After=network.target
+After=network.target docker-storage-setup.service
Wants=docker-storage-setup.service
{% elif ansible_os_family == "Debian" %}
After=network.target docker.socket
-Requires=docker.socket
+Wants=docker.socket
{% endif %}
[Service]
@@ -20,6 +20,9 @@ EnvironmentFile=-/etc/sysconfig/docker-storage
EnvironmentFile=-/etc/default/docker
{% endif %}
Environment=GOTRACEBACK=crash
+ExecReload=/bin/kill -s HUP $MAINPID
+Delegate=yes
+KillMode=process
ExecStart=/usr/bin/docker daemon \
$OPTIONS \
$DOCKER_STORAGE_OPTIONS \
diff --git a/roles/network_plugin/flannel/templates/systemd-docker.service b/roles/network_plugin/flannel/templates/systemd-docker.service
index 3275c6e24..21790dd6f 100644
--- a/roles/network_plugin/flannel/templates/systemd-docker.service
+++ b/roles/network_plugin/flannel/templates/systemd-docker.service
@@ -2,22 +2,26 @@
Description=Docker Application Container Engine
Documentation=http://docs.docker.com
{% if ansible_os_family == "RedHat" %}
-After=network.target
+After=network.target docker-storage-setup.service
Wants=docker-storage-setup.service
{% elif ansible_os_family == "Debian" %}
After=network.target docker.socket
-Requires=docker.socket
+Wants=docker.socket
{% endif %}
[Service]
Type=notify
EnvironmentFile=-/etc/default/docker
Environment=GOTRACEBACK=crash
+ExecReload=/bin/kill -s HUP $MAINPID
+Delegate=yes
+KillMode=process
ExecStart=/usr/bin/docker daemon \
$OPTIONS \
$DOCKER_STORAGE_OPTIONS \
$DOCKER_NETWORK_OPTIONS \
- $INSECURE_REGISTRY
+ $INSECURE_REGISTRY \
+ $DOCKER_OPTS
LimitNOFILE=1048576
LimitNPROC=1048576
LimitCORE=infinity
diff --git a/roles/network_plugin/weave/templates/systemd-docker.service b/roles/network_plugin/weave/templates/systemd-docker.service
index 3275c6e24..96dd6cd05 100644
--- a/roles/network_plugin/weave/templates/systemd-docker.service
+++ b/roles/network_plugin/weave/templates/systemd-docker.service
@@ -6,18 +6,22 @@ After=network.target
Wants=docker-storage-setup.service
{% elif ansible_os_family == "Debian" %}
After=network.target docker.socket
-Requires=docker.socket
+Wants=docker.socket
{% endif %}
[Service]
Type=notify
EnvironmentFile=-/etc/default/docker
Environment=GOTRACEBACK=crash
+ExecReload=/bin/kill -s HUP $MAINPID
+Delegate=yes
+KillMode=process
ExecStart=/usr/bin/docker daemon \
$OPTIONS \
$DOCKER_STORAGE_OPTIONS \
$DOCKER_NETWORK_OPTIONS \
- $INSECURE_REGISTRY
+ $INSECURE_REGISTRY \
+ $DOCKER_OPTS
LimitNOFILE=1048576
LimitNPROC=1048576
LimitCORE=infinity
diff --git a/roles/network_plugin/weave/templates/weave.service.j2 b/roles/network_plugin/weave/templates/weave.service.j2
index a4e9e8d8e..46d9434fe 100644
--- a/roles/network_plugin/weave/templates/weave.service.j2
+++ b/roles/network_plugin/weave/templates/weave.service.j2
@@ -1,8 +1,8 @@
[Unit]
Description=Weave Network
Documentation=http://docs.weave.works/weave/latest_release/
-Requires=docker.service
-After=docker.service
+Wants=docker.service docker.socket
+After=docker.service docker.socket
[Service]
EnvironmentFile=-/etc/weave.env
diff --git a/roles/network_plugin/weave/templates/weaveexpose.service.j2 b/roles/network_plugin/weave/templates/weaveexpose.service.j2
index 03446ee0f..912ed1fee 100644
--- a/roles/network_plugin/weave/templates/weaveexpose.service.j2
+++ b/roles/network_plugin/weave/templates/weaveexpose.service.j2
@@ -1,9 +1,7 @@
[Unit]
Documentation=http://docs.weave.works/
-Requires=docker.service
-Requires=weave.service
-After=weave.service
-After=docker.service
+Wants=docker.service docker.socket weave.service
+After=docker.service docker.socket weave.service
[Service]
Type=oneshot
diff --git a/roles/network_plugin/weave/templates/weaveproxy.service.j2 b/roles/network_plugin/weave/templates/weaveproxy.service.j2
index fe5032893..f37120f1c 100644
--- a/roles/network_plugin/weave/templates/weaveproxy.service.j2
+++ b/roles/network_plugin/weave/templates/weaveproxy.service.j2
@@ -1,8 +1,8 @@
[Unit]
Description=Weave proxy for Docker API
Documentation=http://docs.weave.works/
-Requires=docker.service
-After=docker.service
+Wants=docker.service docker.socket
+After=docker.service docker.socket
[Service]
EnvironmentFile=-/etc/weave.%H.env
--
GitLab